Privacy Policy

PERSONAL DATA PROTECTION POLICY

The processing of personal data is conducted in accordance with the provisions of the General Regulation on Personal Data Protection (GDPR 2016/679), any applicable special national and European legislation for specific areas, the current Greek legislation for the protection of personal data, as well as for the protection of personal data and privacy data in the field of electronic communications (Law 3471/2006, as applicable) and the decisions of the Authority for the Protection of Personal Data (APDPX).

Definitions:

1. Personal data: Any information or combination of information that can directly (e.g., Full Name) or indirectly (e.g., through pseudonymous data such as Social Insurance Registry Number (AMKA) or ID card Number) identify an individual. Personal data includes information such as email address, home address, mobile phone number, personal preferences, and social welfare information.
2. Controller: The natural person or legal entity, public authority, service, or any other entity that individually or jointly with others determines the purposes, conditions, and manner of processing personal data. For the purposes of this privacy policy, the controller is ALTEX S.A.

Contact:

You may contact the controller of your personal data at the following email address: eshop@funky-buddha.com. if you do not agree to the collection, processing, or use of your personal data by the Company, in accordance with applicable law and the Company's privacy policy. In such a case, the service may no longer be available.

Collection of Personal Data:

When visiting the Company's website as a visitor without subscribing or placing an order, the following data will be collected to inform the Company about the visit and to comply with minimal processing requirements set by the Data Processing Authority:

1. Device data: Device ID, operating systems, device version, or other identifiers.
2. Connection details: Time, date, visit duration, user's place of origin, IP address, and other login details.

When signing up and managing an account, personal data will be requested, such as email address for receiving newsletters (with consent) and additional personal information for placing an order. Mandatory details for each transaction include full name, fixed telephone number, address (street, city, postal code), shipping address, and preferred type of receipt (receipt or invoice). Optional details may include a mobile phone number and occupation.

Retention of Personal Data:

Personal data will be retained for as long as necessary to fulfill the intended purpose or to comply with legal obligations. The retention period is determined based on the following criteria:

1. For products purchased, personal data will be retained throughout the contractual relationship.
2. For participation in promotional offers, personal data will be retained throughout the offer.
3. For customer inquiries, personal data will be retained as long as necessary to process the inquiry.
4. For user accounts, personal data will be retained until requested to be deleted or after a period of inactivity as determined by local regulations.
5. For marketing notifications, personal data will be retained until registration is removed, deletion is requested, or after a period of inactivity as determined by local regulations.

Some personal data may be retained to fulfill legal or regulatory obligations, manage rights (e.g., claims before courts), or for statistical purposes. Once personal data is no longer needed, it will be deleted from systems and records or made anonymous.

Processing of Personal Data Outside the EU/EEA:

Data processing primarily takes place within the European Union (EU) and European Economic Area (EEA). In cases where service providers outside the EU/EEA are involved, they must demonstrate an adequate level of data protection and sign a data processing agreement.

Information About Cookies:

Cookies are used on the website to enhance browsing experience. Cookies are small text files stored on the device used to browse the site. Session cookies are deleted after the browser session, while persistent cookies remain on the device to identify the browser on subsequent visits. Users can configure their browsers to accept or reject cookies. However, rejecting cookies may reduce website functionality.

Categories of Cookies:

1. Functional Cookies: They store information previously submitted and improve personalized browsing without tracking site browsing.
2. Performance Cookies: They collect information about webpage/application usage without identifying the user, aiming to improve website performance.
3. Promotion Cookies: They provide targeted advertising based on user interests, measure ad effectiveness, and limit ad frequency. Information may be shared with third parties for improved targeted advertising.

Privacy of Transactions:

ALTEX S.A. treats the privacy of transactions as a priority. Confidentiality of all user/member data transferred to ALTEX S.A. is ensured and used only when necessary for providing services. ALTEX S.A. does not disclose customer data or transactions unless authorized in writing, by court order, or by a relevant public authority. When cooperating with third parties, ALTEX S.A. ensures data confidentiality. Users are responsible for safeguarding their confidential information and not disclosing it to third parties.

Transaction Security:

ALTEX S.A. implements advanced security measures to ensure the security of personal data and transactions. User identification is achieved through email and a secret personal security code (password) for accessing personal data securely. Users are encouraged to regularly change their passwords, avoid easily detectable codes, and use a combination of letters, numbers, and symbols. Payment by credit card or PayPal is a secure method, and ALTEX S.A. does not become aware of any card or account information. Payments are redirected to secure transaction systems using encrypted connections.

Right to Modify the Policy and Final Provisions:

The Company reserves the right to modify this personal data protection policy to comply with legal or regulatory obligations. Major changes will be updated accordingly. The Company implements necessary technical and organizational measures to protect personal data. Users have control over the information they provide. Users who wish to browse anonymously and avoid evaluation of their browsing behavior by the Company can configure their browser settings accordingly.

This website adheres to the code of conduct of the Greek eCommerce Association (GRECA). For more information, visit the GRECA website.